CVE-2011-3603

EPSS 0.06%
Veröffentlicht 27.04.2014 21:55:05
Zuletzt bearbeitet 12.04.2025 10:46:40
Quelle secalert@redhat.com
Teams Watchlist Login
Unerledigt Login

The router advertisement daemon (radvd) before 1.8.2 does not properly handle errors in the privsep_init function, which causes the radvd daemon to run as root and has an unspecified impact.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 6

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Litech ≫ Router Advertisement Daemon Version <= 1.8.1

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.06%	0.163

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	4.4	3.4	6.4	AV:L/AC:M/Au:N/C:P/I:P/A:P

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://www.litech.org/radvd/CHANGES

http://www.openwall.com/lists/oss-security/2011/10/06/3

https://access.redhat.com/security/cve/CVE-2011-3603

https://nvd.nist.gov/vuln/detail/CVE-2011-3603

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2011-3603

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2011-3603

EUVD